
RE: Phase 1 KB lifetime



I'm not saying that I'm not in favour of the responder lifetime. In fact,
our code both parses and sends them.

But are you saying that only lifetimes that both peers can agree on should
be allowed?

What about people who want to delete their phase 1s under low memory
conditions?
What about people who want to use inactivity timeouts?
What about people who want to delete/rekey their SAs if they detect a
security violation?

Should these actions be explicitly forbidden by the spec because they can't
be accurately described in a responder lifetime notify?

Andrew
_______________________________________________
 Beauty without truth is insubstantial.
 Truth without beauty is unbearable.


-----Original Message-----
From: Dan Harkins [mailto:dharkins@Network-Alchemy.COM]
Sent: Tuesday, January 18, 2000 5:46 PM
To: Andrew Krywaniuk
Cc: Joern Sierwald; ipsec@lists.tislabs.com
Subject: Re: Phase 1 KB lifetime 


  I'd like to nip this in the bud. The "just go ahead and enforce a
lifetime, just don't tell me about it" combined with "implementations are
not required to interpret lifetime notifies" is probably the reason that
people have problems with rekeying.

  It is _never_ a good idea to just enforce a lifetime without telling the
peer (assuming, as we all remember from 3rd grade, makes an ass out of you
and me). Similarly it is _never_ a good idea to ignore the lifetime notify
a peer gives you. 

  If it has to be expressly stated in the RFC (I'm a bit surprised by this
line of reasoning though) then so be it.

  Dan.

On Tue, 18 Jan 2000 16:43:29 EST you wrote
>
> There are essentially two opinions concerning the removal of the kb
> lifetime notify -- one pro, one con:
> 
> Pro: Implementations are not required to send lifetime notifies. If you
> want to enforce a kb lifetime, go ahead -- just don't tell me about it.
> 
> Con: Implementations are not required to interpret lifetime notifies.
> Sending the kb lifetime notify does not hinder interoperability. In fact,
> as has been pointed out on this list before, not sending lifetime notifies
> can hinder interoperability with some implementations.
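An added illustration, not part of the thread, of the positions above as a small Python model: the responder always enforces the stricter of the proposed lifetime and its own policy, and only a RESPONDER-LIFETIME notify that the initiator actually interprets lets both sides agree; the unscheduled deletions Andrew raises (low memory, inactivity, security violation) are modelled as a separate event that an ISAKMP Delete payload can announce. All lifetime values and function names are constructed for the example.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Lifetime:
    """Phase 1 SA lifetime in wall-clock seconds and kilobytes sent."""
    seconds: int
    kilobytes: int

    def expired(self, age_s: int, sent_kb: int) -> bool:
        # Reaching either limit ends the SA.
        return age_s >= self.seconds or sent_kb >= self.kilobytes


def negotiate(proposed: Lifetime, responder_policy: Lifetime,
              send_notify: bool, honour_notify: bool):
    """Return (what the initiator believes, what the responder enforces).

    send_notify: responder sends RESPONDER-LIFETIME with the enforced values.
    honour_notify: initiator parses that notify instead of ignoring it.
    """
    enforced = Lifetime(min(proposed.seconds, responder_policy.seconds),
                        min(proposed.kilobytes, responder_policy.kilobytes))
    believed = enforced if (send_notify and honour_notify) else proposed
    return believed, enforced


def outcome(believed: Lifetime, enforced: Lifetime, age_s: int, sent_kb: int,
            responder_deleted: bool = False, delete_notified: bool = False) -> str:
    """Classify what happens when the initiator next uses the phase 1 SA.

    responder_deleted: responder tore the SA down early (low memory, inactivity,
    security violation), for reasons a lifetime notify cannot express.
    delete_notified: responder sent an ISAKMP Delete payload when it did so.
    """
    if responder_deleted and delete_notified:
        return "rekeyed"        # initiator learned of the deletion and renegotiates
    if believed.expired(age_s, sent_kb):
        return "rekeyed"        # initiator's own view says rekey now
    if responder_deleted or enforced.expired(age_s, sent_kb):
        return "black-holed"    # peer silently gone; initiator keeps sending into a void
    return "ok"


if __name__ == "__main__":
    proposed, policy = Lifetime(28800, 100000), Lifetime(3600, 10000)
    for notify, honour in [(True, True), (False, True), (True, False)]:
        b, e = negotiate(proposed, policy, notify, honour)
        print(notify, honour, outcome(b, e, 3601, 0), outcome(b, e, 100, 10000))
```

Silently enforcing a shorter lifetime and ignoring a received lifetime notify both land in the same "black-holed" state; an early deletion is harmless only when it is announced.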

